CA3056013C - Procede de gestion d'application de terminal, serveur d'application et terminal - Google Patents
Procede de gestion d'application de terminal, serveur d'application et terminal Download PDFInfo
- Publication number
- CA3056013C CA3056013C CA3056013A CA3056013A CA3056013C CA 3056013 C CA3056013 C CA 3056013C CA 3056013 A CA3056013 A CA 3056013A CA 3056013 A CA3056013 A CA 3056013A CA 3056013 C CA3056013 C CA 3056013C
- Authority
- CA
- Canada
- Prior art keywords
- application
- verification message
- verification
- application server
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/388—Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/202—Interconnection or interaction of plural electronic cash registers [ECR] or to host computer, e.g. network details, transfer of information from host to ECR or from ECR to ECR
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
- G06Q20/3263—Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Computer Hardware Design (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Stored Programmes (AREA)
- Information Transfer Between Computers (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
La présente invention concerne, selon des modes de réalisation, un procédé de gestion d'application d'un terminal, un serveur d'application et un terminal. Le procédé comprend : lors de la réception d'une demande de téléchargement d'application envoyée par un terminal, l'envoi par un serveur d'application du progiciel d'installation d'application correspondant au terminal ; puis, la réception d'un premier message de vérification envoyé par le terminal, le premier message de vérification étant généré par le terminal en fonction du contenu du progiciel d'installation d'application reçu ; lors de la détermination que le premier message de vérification est cohérent avec un second message de vérification mémorisé, l'envoi par le serveur d'application d'un message d'autorisation d'installation au terminal, de telle sorte que le terminal installe l'application en fonction du progiciel d'installation d'application reçu. Lorsque le serveur d'application détermine, en fonction du premier message de vérification et du second message de vérification, la validité du progiciel d'installation d'application reçu par le terminal, il n'est pas nécessaire que le terminal effectue une vérification de signature avec un certificat, ce qui permet de réduire l'effort du terminal dans la gestion de certificats et d'améliorer l'efficacité d'installation d'application. Lorsque le procédé de vérification d'application doit être mis à niveau, seul le serveur d'application, et non chaque terminal, doit être mis à niveau, ce qui permet d'améliorer l'efficacité temporelle de la mise à niveau de vérification d'application.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711449381.1A CN108460273B (zh) | 2017-12-27 | 2017-12-27 | 一种终端的应用管理方法、应用服务器及终端 |
CN201711449381.1 | 2017-12-27 | ||
PCT/CN2018/088367 WO2019128075A1 (fr) | 2017-12-27 | 2018-05-25 | Procédé de gestion d'application de terminal, serveur d'application et terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CA3056013A1 CA3056013A1 (fr) | 2019-07-04 |
CA3056013C true CA3056013C (fr) | 2023-10-03 |
Family
ID=63220192
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA3056013A Active CA3056013C (fr) | 2017-12-27 | 2018-05-25 | Procede de gestion d'application de terminal, serveur d'application et terminal |
Country Status (7)
Country | Link |
---|---|
US (1) | US11449616B2 (fr) |
EP (1) | EP3584732B1 (fr) |
JP (1) | JP7087085B2 (fr) |
CN (1) | CN108460273B (fr) |
CA (1) | CA3056013C (fr) |
FI (1) | FI3584732T3 (fr) |
WO (1) | WO2019128075A1 (fr) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109743176B (zh) * | 2018-12-28 | 2020-07-28 | 百富计算机技术(深圳)有限公司 | 一种pos终端的证书更新方法、服务器及pos终端 |
CN111722850B (zh) * | 2019-03-21 | 2023-04-25 | 成都鼎桥通信技术有限公司 | 多***间应用的处理方法、装置及*** |
CN112181448A (zh) * | 2020-10-26 | 2021-01-05 | 江苏特思达电子科技股份有限公司 | 一种应用程序远程安装方法、装置及计算机设备 |
US20230336794A1 (en) * | 2022-04-13 | 2023-10-19 | At&T Intellectual Property I, L.P. | Method and apparatus for active content distribution via a residential gateway |
CN115495716B (zh) * | 2022-08-15 | 2023-10-10 | 荣耀终端有限公司 | 一种本地鉴权方法和电子设备 |
CN118260748A (zh) * | 2022-12-28 | 2024-06-28 | 华为技术有限公司 | 一种拦截方法、***及相关装置 |
CN117335988B (zh) * | 2023-11-30 | 2024-03-12 | 中国信息通信研究院 | App的电子标识生成、标注、安全校验方法及设备 |
Family Cites Families (36)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1536606A1 (fr) * | 2003-11-27 | 2005-06-01 | Nagracard S.A. | Méthode d'authentification d'applications |
WO2007033207A2 (fr) | 2005-09-12 | 2007-03-22 | Bally Gaming, Inc. | Systeme et procede de telechargement et de configuration pour machines de jeu |
JP2009251977A (ja) | 2008-04-08 | 2009-10-29 | Nec Corp | ソフトウェアインストールシステム |
CN102024127B (zh) * | 2010-11-17 | 2012-09-19 | 中国联合网络通信集团有限公司 | 应用软件控制平台、使用者终端、分发***及方法 |
CN102300065A (zh) | 2011-08-31 | 2011-12-28 | 四川长虹电器股份有限公司 | 基于安卓平台的智能电视软件安全认证的方法 |
US20130097660A1 (en) * | 2011-10-17 | 2013-04-18 | Mcafee, Inc. | System and method for whitelisting applications in a mobile network environment |
US20130232229A1 (en) * | 2012-03-02 | 2013-09-05 | Ilya Firman | Distribution of Application Files |
US8843739B2 (en) * | 2012-04-04 | 2014-09-23 | Lockheed Martin Corporation | Anti-tamper device, system, method, and computer-readable medium |
US9152784B2 (en) * | 2012-04-18 | 2015-10-06 | Mcafee, Inc. | Detection and prevention of installation of malicious mobile applications |
JP5126447B1 (ja) | 2012-08-31 | 2013-01-23 | 大日本印刷株式会社 | アプリケーションプログラムの実行方法 |
US20130297934A1 (en) * | 2012-05-02 | 2013-11-07 | Nokia Siemens Networks Oy | Method and apparatus |
CN103577206A (zh) | 2012-07-27 | 2014-02-12 | 北京三星通信技术研究有限公司 | 一种应用软件的安装方法和装置 |
JP5955165B2 (ja) | 2012-08-31 | 2016-07-20 | 株式会社富士通エフサス | 管理装置、管理方法及び管理プログラム |
JP2014048889A (ja) | 2012-08-31 | 2014-03-17 | Toko Electric Corp | 農業効率化支援装置およびコンピュータプログラム |
KR101907529B1 (ko) * | 2012-09-25 | 2018-12-07 | 삼성전자 주식회사 | 사용자 디바이스에서 어플리케이션 관리 방법 및 장치 |
US20140096246A1 (en) * | 2012-10-01 | 2014-04-03 | Google Inc. | Protecting users from undesirable content |
CN102982258B (zh) * | 2012-11-09 | 2016-03-16 | 北京深思数盾科技有限公司 | 一种对移动应用程序进行原版校验的*** |
KR101740256B1 (ko) * | 2012-11-26 | 2017-06-09 | 한국전자통신연구원 | 모바일 앱 무결성 보증 장치 및 방법 |
KR101523309B1 (ko) * | 2013-01-31 | 2015-06-02 | 한국인터넷진흥원 | 어플리케이션 배포 시스템 및 방법 |
US9569618B2 (en) * | 2013-08-28 | 2017-02-14 | Korea University Research And Business Foundation | Server and method for attesting application in smart device using random executable code |
JP5864510B2 (ja) | 2013-10-18 | 2016-02-17 | 富士通株式会社 | 修正プログラム確認方法、修正プログラム確認プログラム、及び情報処理装置 |
CN104683303B (zh) * | 2013-11-28 | 2018-03-30 | 天津三星电子有限公司 | App管理方法 |
CN103632089A (zh) * | 2013-12-16 | 2014-03-12 | 北京网秦天下科技有限公司 | 应用安装包的安全检测方法、装置和*** |
KR102089513B1 (ko) * | 2014-03-19 | 2020-03-16 | 한국전자통신연구원 | 모바일 저장장치에 기반한 소프트웨어 검증 시스템 및 그 방법 |
KR20150117336A (ko) * | 2014-04-09 | 2015-10-20 | 순천향대학교 산학협력단 | 안드로이드 환경에서의 애플리케이션 검증 및 설치 시스템 및 방법 |
KR20160006925A (ko) * | 2014-07-10 | 2016-01-20 | 한국전자통신연구원 | 앱 무결성 검증 장치 및 그 방법 |
US9313218B1 (en) * | 2014-07-23 | 2016-04-12 | Symantec Corporation | Systems and methods for providing information identifying the trustworthiness of applications on application distribution platforms |
CN105450714A (zh) * | 2014-09-19 | 2016-03-30 | 中兴通讯股份有限公司 | 一种对终端应用安装进行远程控制的方法及装置 |
CN104954353B (zh) * | 2015-02-10 | 2018-03-30 | 腾讯科技(深圳)有限公司 | Apk文件包的校验方法和装置 |
CN105354488B (zh) * | 2015-10-26 | 2018-06-15 | 宇龙计算机通信科技(深圳)有限公司 | 一种应用安装方法、相关装置及应用安装*** |
CN105930177A (zh) * | 2015-10-30 | 2016-09-07 | ***股份有限公司 | 一种应用安装方法及装置 |
WO2017079866A1 (fr) * | 2015-11-09 | 2017-05-18 | 华为技术有限公司 | Procédé d'acquisition de progiciel d'installation d'application, procédé de diffusion d'informations, dispositif mobile et station de base |
US10771478B2 (en) * | 2016-02-18 | 2020-09-08 | Comcast Cable Communications, Llc | Security monitoring at operating system kernel level |
WO2017206185A1 (fr) * | 2016-06-03 | 2017-12-07 | 华为技术有限公司 | Procédé, appareil et système pour vérifier la légitimité d'un programme d'application |
US10248788B2 (en) * | 2016-06-28 | 2019-04-02 | International Business Machines Corporation | Detecting harmful applications prior to installation on a user device |
CN107169318A (zh) * | 2017-03-31 | 2017-09-15 | 咪咕数字传媒有限公司 | 一种应用程序安全保护的方法及装置 |
-
2017
- 2017-12-27 CN CN201711449381.1A patent/CN108460273B/zh active Active
-
2018
- 2018-05-25 WO PCT/CN2018/088367 patent/WO2019128075A1/fr unknown
- 2018-05-25 FI FIEP18893709.8T patent/FI3584732T3/fi active
- 2018-05-25 EP EP18893709.8A patent/EP3584732B1/fr active Active
- 2018-05-25 US US16/618,312 patent/US11449616B2/en active Active
- 2018-05-25 JP JP2020536079A patent/JP7087085B2/ja active Active
- 2018-05-25 CA CA3056013A patent/CA3056013C/fr active Active
Also Published As
Publication number | Publication date |
---|---|
US11449616B2 (en) | 2022-09-20 |
EP3584732A1 (fr) | 2019-12-25 |
CA3056013A1 (fr) | 2019-07-04 |
JP7087085B2 (ja) | 2022-06-20 |
CN108460273B (zh) | 2022-10-14 |
EP3584732B1 (fr) | 2023-09-13 |
US20210157922A1 (en) | 2021-05-27 |
EP3584732A4 (fr) | 2020-04-29 |
WO2019128075A1 (fr) | 2019-07-04 |
FI3584732T3 (fi) | 2023-09-15 |
CN108460273A (zh) | 2018-08-28 |
JP2021508880A (ja) | 2021-03-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA3056013C (fr) | Procede de gestion d'application de terminal, serveur d'application et terminal | |
US9721101B2 (en) | System wide root of trust chaining via signed applications | |
US10528765B2 (en) | Technologies for secure boot provisioning and management of field-programmable gate array images | |
CN110110522B (zh) | 内核修复方法和装置 | |
EP2962241B1 (fr) | Continuation de confiance pour microprogramme de démarrage de plate-forme | |
US10127057B2 (en) | Method and apparatus for dynamically implementing application function | |
US8938735B2 (en) | Bootstrapper and software download manager | |
US8904518B2 (en) | Information processing device, information processing method, and program distribution system | |
US8095799B2 (en) | Ticket authorized secure installation and boot | |
US10437580B2 (en) | Software updating methods and systems | |
US20200264863A1 (en) | Hot update method, operating system, terminal device, and storage medium | |
US20170255775A1 (en) | Software verification systems with multiple verification paths | |
EP3163489B1 (fr) | Commande basée sur des jetons d'installation et de fonctionnement d'un logiciel | |
US20190163898A1 (en) | Package processing | |
US20160065375A1 (en) | Dynamic integrity validation of a high level operating system | |
US8874927B2 (en) | Application execution system and method of terminal | |
WO2023124420A1 (fr) | Procédés et système de signature d'applications, terminal de transaction et plate-forme de service | |
US10771462B2 (en) | User terminal using cloud service, integrated security management server for user terminal, and integrated security management method for user terminal | |
CN107077342B (zh) | 固件模块运行权限 | |
CN108762827B (zh) | 加密服务提供程序调用方法及终端设备 | |
CN112527358B (zh) | 一种基于自我度量的可信应用可信度量方法、装置及*** | |
CN112346712B (zh) | ***客制化方法、装置及计算机可读存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |
|
EEER | Examination request |
Effective date: 20190927 |